Results 1 to 3 of 3

Thread: Asus b85 plus

  1. #1
    ROG Member Array
    Join Date
    Dec 2016
    Reputation
    10
    Posts
    13

    Asus b85 plus

    All intel management engine firmware has a remote execution bug which allows for easy remote hacking without the user or OS ever being aware of it.

    new firmwares anounced:

    - First-gen Core family: 6.2.61.3535
    - Second-gen Core family: 7.1.91.3272
    - Third-gen Core family: 8.1.71.3608
    - Fourth-gen Core family: 9.1.41.3024 and 9.5.61.3012
    - Fifth-gen Core family: 10.0.55.3000
    - Sixth-gen Core family: 11.0.25.3001
    - Seventh-gen Core family: 11.6.27.3264


    When asus is going to update the ime of b85 plus.
    Now the ime is a very old version of 9.0.xx.xxxx

  2. #2
    ROG Guru: Black Belt Array Korth PC Specs
    Korth PC Specs
    MotherboardASUS X99 R5E (BIOS2101/1902)
    ProcessorHaswell-EP E5-1680-3 SR20H/R2 (4.4GHz)
    Memory (part number)Vengeance LPX 4x8GB SS DDR4-3000 (CMK32GX4M4C3000C15)
    Graphics Card #1NVIDIA Quadro GP100GL/16GB, 16xPCIe3, NVLink1 (SLI-HB)
    Graphics Card #2NVIDIA Quadro GP100GL/16GB, 16xPCIe3, NVLink1 (SLI-HB)
    Sound CardJDS Labs O2+ODAC (RevB), USB2 UAC1
    MonitorASUS PG278Q
    Storage #1Samsung 850 PRO 512GB SSDs, 4xSATA3 RAID0
    Storage #2Comay BladeDrive E28 3200GB SSD, 8xPCIe2
    CPU CoolerRaijintek NEMESIS/TISIS, AS5, 2xNH-A14
    CaseObsidian 750D (original), 6xNH-A14
    Power SupplyZalman/FSP ZM1250 Platinum
    Headset Pilot P51 PTT *modded*
    OS Arch, Gentoo, Win7x64, Win10x64
    Network RouterActiontec T3200M VDSL2 Gateway
    Accessory #1 TP-Link AC1900 Archer T9E, 1xPCIe
    Accessory #2 ASUS/Infineon SLB9635 TPM (TT1.2/FW3.19)
    Accessory #3 ASUS OC Panel I (FW0501)
    Korth's Avatar
    Join Date
    Mar 2015
    Reputation
    152
    Posts
    2,719

    B85 was the mid-end "Desktop Office" model of 8-Series (first-gen Lynx Point) in Q2/2013, better than H81, not as good as H87/Q87/Z87. LGA1150 Haswell.
    9-Series (second-gen Lynx Point aka Wildcat Point) released H97/Z97 in Q2/2014. LGA1150 Haswell Refresh (and Broadwell).
    100 Series (Sunrise Point) released Q3/2015. LGA1151 Skylake.
    200 Series (Union Point) released Q1/2017. LGA1151 Kaby Lake.
    Intel is already working on Skylake-X, Kaby Lake-X, Cannon Lake, and Coffee Lake for their 300 Series "mainstream"/"performance" consumer platforms, expected to release Q4/2017.

    Your B85 platform is less than 4 years old.
    But it's also three or four full generations behind Intel's current chipsets.

    It isn't officially EOL ("legacy hardware") yet, but it's close - it's no longer actively supported by Intel. In fact, the latest B85-specific microcode updates from Intel were discouraging - they locked out "non-K" overclocking on B85/H87, they disabled TSX instructions, they reduced maximum DDR3 addressing and performance parameters, etc - it seems evident that Intel "encouraged" people to buy H87 (then Z97, Z170, etc) by imposing seemingly-arbitrary limits on "lesser" chipsets. And ASUS doesn't write this firmware, they only let you download Intel's stuff from their own (motherboard) pages.

    The most serious bugs/exploits may be corrected in Intel's specific or generic IME and Errata updates, but I doubt Intel will release any 8 Series updates when they're so busy working on newer and newer tech (which they hope you'll buy, lol). If security vs remote attackers/hackers concerns you, then you have little choice but to upgrade to a newer chipset.

    FWIW, I run a variety of desktop/laptop PCs at home and work (X99, C236, 990FX, A88X) - all with cryptomodules - and I still don't like the (potential) vulnerabilities from Intel IME or AMD PSP/TEE. In the end, I feel I can still "trust" my ancient Pentium 4 more than the other "vulnerable" machines (although, alas, it languishes unused in my garage workshop, I'm just not tinfoil hat enough to sacrifice all the technotrocities provided by my other machines).
    Last edited by Korth; 05-06-2017 at 04:21 AM.

  3. #3
    ROG Member Array
    Join Date
    Dec 2016
    Reputation
    10
    Posts
    13

    The intel has already send the firmware to oem. So intel has aleady released the firmware for this old chipset. Actually they realeased fixes for the nehalem from 2010.
    Hp and lenovo already published the fixes.
    The problem is that Ime has also a lot of fixes for shutdown and restart of the machine that why i want it.

    I have the new 9.1.41.3024 update with the security fixes but i dont know if it compatible with my motherboard.
    Because it is well known that the 9.0.xx.xxxx Ime that is provided from asus can only updated manually in the same branch of the latest 9.0 IME.

    To Update it to 9.1 the bios need a rewrite in a lot of motherboards.

    I dont know if asus bios is ready for 9.1 ime if someone of asus know the answer please write it so i can update mannualy.
    I read in another forum tha haswell refresh needed 9.1 ime to work properly, but asus leave it in bios at verion 9.0.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •